PT-2024-31349 · Lollms +1 · Lollms +2
Name of the Vulnerable Software and Affected Versions: lollms version 9.6 Description: A Cross-Site Request Forgery CSRF vulnerability exists in the XTTS server due to a lax CORS policy, allowing attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage. This...